> >If you're NIS password table is also the local table on the NIS master,
> >you should be able to do the same thing for the 'martti' account while
> >logged into the NIS master:
> >
> >  # passwd -l martti
> >
> >This should bypass NIS for this instance.  But you're right, NIS should
> >allow root to change a normal users's password without prompting for the
> >old one.
>
> Uh, no. This is by design. A user gaining root on his own workstation
> should not be able to lock-out other users on the domain. (And yes,
> talking about security in an NIS/NFS environment is laughable).

I was under the impression that root on the NIS Master could change
user's passwords without using NIS.  Obviously, root on some other machine
should NEVER have this ability!

[fox]